Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill declares only navigation functionality, but the documentation clearly describes filesystem writes and outbound network actions, including posting to Mattermost and uploading files. Undeclared write/network capabilities reduce transparency and consent, and can expose route data, logs, or credentials through unexpected side effects.
